diff --git a/packages/api/src/controllers/auth.js b/packages/api/src/controllers/auth.js
index fbd359d4d..f2822782c 100644
--- a/packages/api/src/controllers/auth.js
+++ b/packages/api/src/controllers/auth.js
@@ -69,11 +69,13 @@ module.exports = {
 
     const payload = jwt.decode(access_token);
 
+    console.log('User payload returned from OAUTH:', payload);
+
     const login = process.env.OAUTH_LOGIN_FIELD ? payload[process.env.OAUTH_LOGIN_FIELD] : 'oauth';
 
     if (
       process.env.OAUTH_ALLOWED_LOGINS &&
-      !process.env.OAUTH_ALLOWED_LOGINS.split(',').find(x => x.toLowerCase().trim() != login.toLowerCase().trim())
+      !process.env.OAUTH_ALLOWED_LOGINS.split(',').find(x => x.toLowerCase().trim() == login.toLowerCase().trim())
     ) {
       return { error: `Username ${login} not allowed to log in` };
     }
diff --git a/packages/web/src/NotLoggedPage.svelte b/packages/web/src/NotLoggedPage.svelte
index 7af0fc6ea..0dad204f0 100644
--- a/packages/web/src/NotLoggedPage.svelte
+++ b/packages/web/src/NotLoggedPage.svelte
@@ -1,7 +1,7 @@
 <script lang="ts">
   import { onMount } from 'svelte';
   import FormStyledButton from './buttons/FormStyledButton.svelte';
-  import { redirectToLogin } from './clientAuth';
+  import { doLogout, redirectToLogin } from './clientAuth';
 
   onMount(() => {
     const removed = document.getElementById('starting_dbgate_zero');
@@ -24,6 +24,7 @@
 
   <div class="button">
     <FormStyledButton value="Log In" on:click={handleLogin} />
+    <FormStyledButton value="Log Out" on:click={doLogout} />
   </div>
 </div>
 
diff --git a/packages/web/src/clientAuth.ts b/packages/web/src/clientAuth.ts
index 367c38819..8d72a697a 100644
--- a/packages/web/src/clientAuth.ts
+++ b/packages/web/src/clientAuth.ts
@@ -1,4 +1,4 @@
-import { apiCall, disableApi, enableApi } from './utility/api';
+import { apiCall, enableApi } from './utility/api';
 import { getConfig } from './utility/metadataLoaders';
 
 export function isOauthCallback() {
@@ -40,6 +40,9 @@ export function handleOauthCallback() {
 }
 
 export async function handleAuthOnStartup(config) {
+  if (config.oauth) {
+    console.log('OAUTH callback URL:', location.origin + location.pathname);
+  }
   if (config.oauth || config.isLoginForm) {
     if (localStorage.getItem('accessToken')) {
       return;
@@ -84,3 +87,21 @@ export function internalRedirectTo(path) {
   const newPath = index >= 0 ? location.pathname.substring(0, index) + path : path;
   location.replace(newPath);
 }
+
+export async function doLogout() {
+  enableApi();
+  const config = await getConfig();
+  if (config.oauth) {
+    localStorage.removeItem('accessToken');
+    if (config.oauthLogout) {
+      window.location.href = config.oauthLogout;
+    } else {
+      internalRedirectTo('/?page=not-logged');
+    }
+  } else if (config.isLoginForm) {
+    localStorage.removeItem('accessToken');
+    internalRedirectTo('/?page=not-logged');
+  } else {
+    window.location.href = 'config/logout';
+  }
+}
diff --git a/packages/web/src/commands/stdCommands.ts b/packages/web/src/commands/stdCommands.ts
index 5beb4f8cb..6a0b7f054 100644
--- a/packages/web/src/commands/stdCommands.ts
+++ b/packages/web/src/commands/stdCommands.ts
@@ -36,7 +36,7 @@ import runCommand from './runCommand';
 import { openWebLink } from '../utility/exportFileTools';
 import { getSettings } from '../utility/metadataLoaders';
 import { isMac } from '../utility/common';
-import { internalRedirectTo } from '../clientAuth';
+import { doLogout, internalRedirectTo } from '../clientAuth';
 
 // function themeCommand(theme: ThemeDefinition) {
 //   return {
@@ -549,22 +549,7 @@ registerCommand({
   category: 'App',
   name: 'Logout',
   testEnabled: () => getCurrentConfig()?.login != null,
-  onClick: () => {
-    const config = getCurrentConfig();
-    if (config.oauth) {
-      localStorage.removeItem('accessToken');
-      if (config.oauthLogout) {
-        window.location.href = config.oauthLogout;
-      } else {
-        internalRedirectTo('/?page=not-logged');
-      }
-    } else if (config.isLoginForm) {
-      localStorage.removeItem('accessToken');
-      internalRedirectTo('/?page=not-logged');
-    } else {
-      window.location.href = 'config/logout';
-    }
-  },
+  onClick: doLogout,
 });
 
 export function registerFileCommands({